Chapter 6 - 03 - Workplace Security PDF

Summary

This document covers workplace security topics, including securing network cables, different cable types such as UTP, STP, and fiber optic, and securing portable mobile devices with appropriate security measures. The document is useful for learning cybersecurity and physical security measures for workplace environments.

Full Transcript

Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Securing Network Cables Lay network wiring separate from all other wiring for easy maintenance, monitoring, and to prevent electronic interference Consider installing armored cable if there is a threat of rodents, termites, etc. Use transparent conduits for cabling in high sensitive areas which allow easy identification of any damage or interference All network and communication cables should be hidden and protected appropriately Undergrounding cables will prevent physical access to the cables Do not lay cables above false ceiling to avoid fire risks Document the entire cable infrastructure L All Rights Reserved. Reproductionis Strictly Prohibited Securing Network Cables Network cable security is often overlooked as an aspect of physical security. The organization should consider the importance of cable security before planning and installing any cabling. Network cabling should be neat; else, an organization can suffer from unplanned downtime. With flawed or insecure network cabling, an attacker can easily access sensitive information by bypassing other security controls. The risks associated with network cabling are wiretapping, physical damage, and theft. The following are the considerations for securing network cabling: Lay network wiring separately from all other wiring for easy maintenance, monitoring, and preventing electronic interference. Consider installing armored cable if there is a threat of rodents, termites, etc. Use transparent conduits for cabling in highly sensitive areas to allow the easy identification of any damage or interference. All network and communication cables should be hidden and protected appropriately. Undergrounding cables prevent physical access to the cables. Do not lay cables above a false ceiling to avoid fire risks. Access to cabling pathways and spaces should be restricted to authorized personnel only. Create redundancy to avoid a single point of failure in case of a disaster. Document the entire cable infrastructure. Module 06 Page 662 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Types of Cable Used in Network Cabling Unshielded Twisted Pair (UTP) Cable A UTP cable reduces crosstalk and interference between pairs of wires but is prone to wiretapping. An attacker can easily tap the information transmitted through network cables. o o Advantages e Easy toinstall e Suitable for domestic and office Ethernet connections Disadvantages e Highly susceptible to electromagnetic and radio-frequency interference e Less commonly used for long-distance networking Shielded Twisted Pair (STP) Cable In an STP cable, each pair of wires is individually shielded with foil. It is less susceptible to external interference as the shielding absorbs all the EMI and RFI signals. o o Advantages e Immune to crosstalk and interference e Ensures secure data transmission Disadvantages e More expensive than UTP cables e More difficult to install than UTP cables Fiber-optic Cable A fiber-optic cable is made of glass or plastic. Fiber-optic cabling is the least susceptible to wiretapping threats. o o Advantages e Can carry information over relatively great distances e Immunity to electromagnetic interference e No crosstalk Disadvantages e Limited physical arc of the cable e Highly expensive e Need for optical transmitters and receivers Module 06 Page 663 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls = Exam 212-82 Coaxial Cable A coaxial cable is made of a single copper conductor at its center. A plastic layer insulates the center conductor and a braided metal shield, which prevents interference from fluorescent lights, motors, etc. o o Advantages e (Can carry information over relatively great distances e Moisture resistant Disadvantages e Module 06 Page 664 Does not bend easily and difficult to install Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 Securing Portable Mobile Devices QO Install anti-theft software that can remotely lock and track devices using a data connection Install device tracking software that can assist in recovering stolen/lost devices Enable or install a remote wipe feature to erase data stored in devices Do not lend your device to third parties Do not leave your device unattended in public places 0O O Encrypt hard drives to make it impossible to access files when it’s lost or stolen O Q 0O Use cables and locks to safeguard laptops 0 0O Label the device or attach a sticker with the name and contact details so the device can be returned if lost Copyright © by All Rights Reserved, Reproduction is Strictly Prohibited Securing Portable Mobile Devices The use of portable mobile devices in an organization has increased over the past few years. The risk of physical security threats to these devices has also increased. These devices are often vulnerable to physical threats such as theft, loss, damage, and resale. The organization should take proper care to handle any security incidents related to these devices. = Apply all security measures common devices, and portable devices. = Physically secure the mobile device location. = Apply proper access control procedures for these devices. = Use cables and locks to safeguard laptops. = Encrypt hard drives to make it impossible to access files when a drive is lost or stolen. = Install anti-theft connection. = |nstall device tracking software that can assist in recovering stolen/lost devices. = Enable orinstall a remote wipe feature to erase data stored in devices. = Do not lend a device to third parties. = Do not leave a device unattended in public places. = Label the device or attach a sticker with the name and contact details of the user so that the device can be returned if lost. Module 06 Page 665 software that can to network remotely devices lock and such track as servers, devices using backup a data Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls = Exam 212-82 Enable the lockout option so that the device is locked when consecutive unsuccessful attempts to login are made. = Use a docking station that permanently affixes the laptop to the desktop and also locks the laptop securely in one place. = Use security gadgets such as motion detectors and alarms to issue alerts when laptop is moved without authorization. Module 06 Page 666 the Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.